07/29/2021 | Press release | Distributed by Public on 07/28/2021 20:52
Adli Wahid (left) assisting with tabletop exercises at an event in Samoa in 2019.
A little more than two months ago I heard the good news that the Samoa National Computer Emergency Response Team (SamCERT) had been established. Congratulations to the team at the Ministry of Communications and Information Technology (MCIT) and the security community in Samoa!
With this news, I started to think more deeply about the state of cybersecurity in the Pacific and what makes it work. It feels like yesterday that we held the third incident response workshop for the Pacific community where one of the hypothetical scenarios was a tabletop exercise for the Pacific Games 2019 (held in Samoa that year).
The role of enterprise CERTs/CSIRTs
While it is encouraging to see national CERTs/CSIRTs being established and efforts to support them, it's not just governments that need these incident response capabilities. Let's not lose sight of the need to make sure enterprises or organizations are equipped to respond as well. There are a few reasons for this:
The global CSIRT community
Speaking of FIRST (the largest CERT/CSIRT community with teams from 98 economies) you'll quickly realize that the majority of the member teams are enterprise CSIRTs or PSIRTs (Product CSIRTs). Your CSIRT does not have to be a FIRST member, but the point is that many organizations have a dedicated CSIRT and make an effort to connect with wider incident response community.
Closer to our region we have a good example of this in the form of the Nippon CSIRT Association - a community of CERTs/CSIRTs in Japan. A list of members is available, but what is more interesting to me are the activities and various working groups that have been established to support the members. Imagine the immense value of this type of community work in improving the security ecosystem and enhancing the work of the national CERT.
The work must go on
I personally hope that we don't just get excited about supporting the establishment of national CERTs only and the work ends when that's done. In my experience, this is just the starting point. Here at APNIC, we are keen to support both national and enterprise CSIRTs.
Check out some of the past and future webinars on this topic or join our security tracks, which are usually jointly organized with FIRST or APCERT, at our APNIC conferences (registrations are now open for APNIC 52!).
We have also conducted several CSIRT establishment workshops with materials developed by the community such as FIRST and TERENA; feel free to reach out to us.
The APNIC Foundation has supported the establishment of CERTs in the Pacific via cyber security capability and awareness projects.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.